FakeSysDef

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

FakeSysDef

Post by Rivers on Fri 30 Dec 2011, 12:04 pm

First topic message reminder :

First got an error message "Windows detected a hard disk problem." Then got multiple tiled boxes that read "Windows - Delayed Write Failed. Failed to save all the components for the file \\systems\\00004386. The file is corrupted or unreadable. This error may be caused by a PC hardware problem."

Windows was totally inoperable and all the programs and files were hidden. Nothing would run except DOS files. Has changed now somewhat and some programs are listed in the start menu and they do open some documents. But only some are listed and the full start menu is not there.

Avira updated and gave a warning that the threat TR/FakeSysdef.466944.47 was found in file C:\Documents and Settings\...\hFITnUFOxHN.exe.

I have been able to open Windows in safe mode with networking and open the browser.

Any help is appreciated!

Here are the OTL and aswMBR logs:

OTL logfile created on: 12/21/2011 9:05:47 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 45.02% Memory free
3.85 Gb Paging File | 2.76 Gb Available in Paging File | 71.62% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 278.32 Gb Total Space | 191.28 Gb Free Space | 68.73% Space Free | Partition Type: NTFS
Drive D: | 0.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1009.72 Mb Total Space | 850.31 Mb Free Space | 84.21% Space Free | Partition Type: FAT

Computer Name: MMARTIN3 | User Name: mmartin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/21 18:35:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\OTL.com
PRC - [2011/12/21 16:30:07 | 000,447,360 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\hFITnUFOxHN.exe
PRC - [2011/11/22 10:56:38 | 000,273,528 | -H-- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/01 09:53:40 | 000,025,656 | -H-- | M] (Apache Software Foundation) -- C:\Program Files\Spiceworks\httpd\bin\spiceworks-httpd.exe
PRC - [2011/11/01 09:53:36 | 000,047,672 | -H-- | M] (Spiceworks, Inc.) -- C:\Program Files\Spiceworks\bin\spiceworks.exe
PRC - [2011/11/01 09:53:32 | 000,275,512 | -H-- | M] (Spiceworks, Inc.) -- C:\Program Files\Spiceworks\bin\spicetray.exe
PRC - [2011/07/01 09:32:59 | 000,269,480 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 15:15:53 | 000,076,968 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 15:15:40 | 000,136,360 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15:15:29 | 000,281,768 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/01/07 12:12:22 | 000,505,576 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/09/29 08:17:50 | 000,013,088 | -H-- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/01/12 12:45:05 | 000,098,304 | -H-- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
PRC - [2009/01/12 12:42:53 | 000,020,572 | -H-- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | -H-- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 18:12:14 | 000,389,120 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007/10/30 20:51:44 | 000,492,720 | -H-- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007/10/30 20:11:48 | 000,909,208 | -H-- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007/10/30 20:07:40 | 000,140,568 | -H-- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2007/10/30 20:07:38 | 000,427,288 | -H-- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007/10/30 20:06:42 | 002,595,616 | -H-- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2006/08/03 05:12:36 | 000,577,536 | -H-- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2003/12/05 15:41:44 | 000,049,152 | -H-- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2003/10/03 11:52:50 | 000,061,440 | -H-- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
PRC - [2002/09/10 20:26:26 | 000,368,706 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/21 16:30:07 | 000,447,360 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\hFITnUFOxHN.exe
MOD - [2011/11/01 09:51:16 | 000,024,576 | -H-- | M] () -- C:\Program Files\Spiceworks\pkg\gems\sqlite3-ruby-1.3.1\lib\sqlite3\sqlite3_native.so
MOD - [2011/11/01 09:51:12 | 000,052,224 | -H-- | M] () -- C:\Program Files\Spiceworks\pkg\gems\nokogiri-1.4.1\lib\nokogiri\nokogiri.so
MOD - [2011/11/01 09:51:12 | 000,027,648 | -H-- | M] () -- C:\Program Files\Spiceworks\pkg\gems\net-snmp-0.2.3\lib\netsnmp_api.so
MOD - [2011/11/01 09:51:10 | 000,060,416 | -H-- | M] () -- C:\Program Files\Spiceworks\pkg\gems\curb-0.7.12\lib\curb_core.so
MOD - [2011/11/01 09:51:10 | 000,011,776 | -H-- | M] () -- C:\Program Files\Spiceworks\pkg\gems\image_science-1.2.1\lib\image_science.so
MOD - [2011/11/01 09:50:00 | 000,101,376 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\event_log.so
MOD - [2011/11/01 09:50:00 | 000,052,736 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\efs.so
MOD - [2011/11/01 09:50:00 | 000,045,568 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\bits.so
MOD - [2011/11/01 09:50:00 | 000,026,112 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\async_ping.so
MOD - [2011/11/01 09:49:58 | 000,176,640 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\openssl.so
MOD - [2011/11/01 09:49:58 | 000,171,520 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\nkf.so
MOD - [2011/11/01 09:49:58 | 000,093,696 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\single_byte.so
MOD - [2011/11/01 09:49:58 | 000,084,480 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\socket.so
MOD - [2011/11/01 09:49:58 | 000,078,336 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\syck.so
MOD - [2011/11/01 09:49:58 | 000,077,824 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\zlib.so
MOD - [2011/11/01 09:49:58 | 000,074,752 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\win32ole.so
MOD - [2011/11/01 09:49:58 | 000,047,104 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\dl.so
MOD - [2011/11/01 09:49:58 | 000,039,936 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\bigdecimal.so
MOD - [2011/11/01 09:49:58 | 000,022,016 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\stringio.so
MOD - [2011/11/01 09:49:58 | 000,021,504 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\json\ext\generator.so
MOD - [2011/11/01 09:49:58 | 000,018,944 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\iconv.so
MOD - [2011/11/01 09:49:58 | 000,017,920 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\json\ext\parser.so
MOD - [2011/11/01 09:49:58 | 000,017,408 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\strscan.so
MOD - [2011/11/01 09:49:58 | 000,015,872 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\sha2.so
MOD - [2011/11/01 09:49:58 | 000,015,360 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\racc\cparse.so
MOD - [2011/11/01 09:49:58 | 000,013,312 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\transdb.so
MOD - [2011/11/01 09:49:58 | 000,012,800 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\sha1.so
MOD - [2011/11/01 09:49:58 | 000,012,288 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest.so
MOD - [2011/11/01 09:49:58 | 000,011,776 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\utf_16_32.so
MOD - [2011/11/01 09:49:58 | 000,011,776 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\encdb.so
MOD - [2011/11/01 09:49:58 | 000,010,752 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\shift_jis.so
MOD - [2011/11/01 09:49:58 | 000,010,752 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\euc_jp.so
MOD - [2011/11/01 09:49:58 | 000,010,240 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\md5.so
MOD - [2011/11/01 09:49:58 | 000,009,216 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_16le.so
MOD - [2011/11/01 09:49:58 | 000,009,216 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_16be.so
MOD - [2011/11/01 09:49:58 | 000,009,216 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\iso_8859_1.so
MOD - [2011/11/01 09:49:58 | 000,008,704 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\etc.so
MOD - [2011/11/01 09:49:58 | 000,008,192 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_32le.so
MOD - [2011/11/01 09:49:58 | 000,008,192 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_32be.so
MOD - [2011/11/01 09:49:58 | 000,008,192 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\monitor_mixin.so
MOD - [2011/11/01 09:49:58 | 000,007,680 | -H-- | M] () -- C:\Program Files\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\fcntl.so
MOD - [2011/11/01 09:49:54 | 000,067,584 | -H-- | M] () -- C:\Program Files\Spiceworks\httpd\bin\zlib1.dll
MOD - [2011/11/01 09:49:54 | 000,067,584 | -H-- | M] () -- C:\Program Files\Spiceworks\bin\zlib1.dll
MOD - [2011/11/01 09:49:52 | 000,374,272 | -H-- | M] () -- C:\Program Files\Spiceworks\bin\sqlite3.dll
MOD - [2011/11/01 09:49:50 | 000,996,352 | -H-- | M] () -- C:\Program Files\Spiceworks\bin\libxml2.dll
MOD - [2011/11/01 09:49:50 | 000,397,312 | -H-- | M] () -- C:\Program Files\Spiceworks\bin\netsnmp.dll
MOD - [2011/11/01 09:49:50 | 000,171,008 | -H-- | M] () -- C:\Program Files\Spiceworks\bin\libxslt.dll
MOD - [2011/11/01 09:49:50 | 000,168,960 | -H-- | M] () -- C:\Program Files\Spiceworks\bin\qdbm.dll
MOD - [2011/11/01 09:49:48 | 000,061,440 | -H-- | M] () -- C:\Program Files\Spiceworks\bin\libexslt.dll
MOD - [2011/11/01 09:49:42 | 000,864,768 | -H-- | M] () -- C:\Program Files\Spiceworks\bin\iconv.dll
MOD - [2011/04/21 08:38:52 | 011,486,720 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
MOD - [2011/04/21 08:34:02 | 003,149,824 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/04/21 08:34:02 | 002,048,000 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2011/04/21 08:34:01 | 002,933,248 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/04/21 08:34:00 | 000,425,984 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2011/04/21 08:33:56 | 000,626,688 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2011/04/21 08:33:56 | 000,303,104 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/04/21 08:33:55 | 000,258,048 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2011/04/21 08:33:54 | 000,261,632 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/04/21 08:33:52 | 000,114,688 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2011/04/21 08:33:47 | 005,025,792 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010/06/17 14:27:22 | 000,355,688 | -H-- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010/04/09 22:27:27 | 000,854,016 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/04/09 22:27:26 | 000,471,040 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/04/09 22:27:26 | 000,403,456 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/04/09 22:27:24 | 000,419,616 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/04/09 22:27:24 | 000,046,880 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/04/09 22:27:24 | 000,023,840 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2010/04/09 22:27:24 | 000,018,720 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2010/04/09 22:27:24 | 000,012,064 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2010/04/09 22:27:23 | 000,270,112 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/04/09 22:27:23 | 000,120,096 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/04/09 22:27:23 | 000,070,432 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/04/09 22:27:22 | 000,121,632 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/10/30 14:59:36 | 000,212,992 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
MOD - [2009/10/30 14:55:28 | 007,868,416 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
MOD - [2009/09/04 22:15:06 | 000,067,872 | -H-- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/04/07 17:17:41 | 001,058,304 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/04/07 17:17:41 | 000,471,040 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/04/07 17:17:40 | 000,402,208 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/04/07 17:17:40 | 000,238,368 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/04/07 17:17:40 | 000,047,392 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/04/07 17:17:40 | 000,018,720 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/04/07 17:17:39 | 000,130,848 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/04/07 17:17:39 | 000,120,608 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/04/07 17:17:39 | 000,072,992 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/04/07 17:14:13 | 000,755,712 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/04/07 17:14:12 | 000,270,336 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/04/07 17:14:11 | 000,458,752 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/04/07 17:14:11 | 000,065,536 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2009/04/07 17:14:11 | 000,045,056 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/04/07 17:14:10 | 000,073,728 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2009/01/12 12:42:55 | 000,053,349 | -H-- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\zip.dll
MOD - [2009/01/12 12:42:55 | 000,053,342 | -H-- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\verify.dll
MOD - [2009/01/12 12:42:54 | 000,032,864 | -H-- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\net.dll
MOD - [2009/01/12 12:42:53 | 000,802,901 | -H-- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\hotspot\jvm.dll
MOD - [2009/01/12 12:42:53 | 000,094,308 | -H-- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\java.dll
MOD - [2009/01/12 12:42:53 | 000,028,776 | -H-- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\hpi.dll
MOD - [2009/01/12 12:42:53 | 000,020,572 | -H-- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
MOD - [2008/04/13 18:11:59 | 000,014,336 | -H-- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/10/30 20:51:44 | 000,492,720 | -H-- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
MOD - [2007/10/29 19:53:32 | 001,328,408 | -H-- | M] () -- C:\Program Files\Acronis\TrueImageHome\fox.dll
MOD - [2003/06/16 15:52:48 | 000,074,752 | -H-- | M] () -- C:\WINDOWS\system32\jst.dll
MOD - [2002/09/10 20:26:26 | 000,368,706 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe
MOD - [2002/07/02 14:32:00 | 000,184,431 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\TimerManager.dll
MOD - [2002/07/02 14:22:34 | 000,122,993 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\AppProperties.dll
MOD - [2002/07/02 14:10:42 | 000,110,695 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\BJComBase.dll
MOD - [2002/06/04 19:33:54 | 000,106,601 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\BJComSRCManager.dll
MOD - [2002/06/04 17:48:26 | 000,143,489 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\BasicLoaderService.dll
MOD - [2002/06/04 17:48:10 | 000,163,951 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\BJComRT.dll
MOD - [2002/05/03 15:40:32 | 000,094,274 | -H-- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
MOD - [2002/04/17 09:49:22 | 000,024,576 | -H-- | M] () -- C:\Program Files\hp\HP Share-to-Web\hpgs2wnfps.dll
MOD - [2001/09/26 02:23:08 | 000,196,695 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\BJIntlCore_1_1_DDR.dll
MOD - [2001/09/23 14:41:10 | 000,524,377 | -H-- | M] () -- C:\Program Files\BroadJump\Client Foundation\stlport_4_0_0_DDR.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/07/01 09:32:59 | 000,269,480 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/03/28 15:15:40 | 000,136,360 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/09/29 08:17:50 | 000,013,088 | -H-- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/01/23 15:27:40 | 000,651,720 | -H-- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/29 15:09:02 | 000,394,704 | -H-- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/10/30 20:51:44 | 000,492,720 | -H-- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007/10/30 20:07:38 | 000,427,288 | -H-- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2002/12/04 02:24:20 | 000,065,536 | RH-- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/07/01 09:33:01 | 000,138,192 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/01 09:33:01 | 000,066,616 | -H-- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 14:27:22 | 000,028,520 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:27:12 | 000,011,608 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/04/19 20:29:20 | 000,018,432 | -H-- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2009/06/11 15:46:46 | 000,082,380 | -H-- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009/04/28 00:13:23 | 003,565,568 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/02/03 20:31:17 | 000,170,496 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinavt2.sys -- (ATIAVAIW)
DRV - [2009/01/12 15:45:24 | 000,441,760 | -H-- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/01/12 15:45:24 | 000,044,384 | -H-- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/01/12 15:45:20 | 000,129,248 | -H-- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/01/12 15:45:16 | 000,368,544 | -H-- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009/01/11 13:45:58 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2008/10/09 15:42:42 | 000,017,408 | -H-- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/04/13 12:56:49 | 000,012,800 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 11:46:22 | 000,015,232 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007/10/04 20:27:26 | 000,019,240 | -H-- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2007/10/04 20:27:24 | 000,116,776 | -H-- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SI3114R.sys -- (SI3114r)
DRV - [2006/11/02 07:00:08 | 000,039,368 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (winusb)
DRV - [2006/09/20 15:01:12 | 004,019,072 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003/08/06 15:44:24 | 000,014,336 | -H-- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC)
DRV - [2003/08/06 15:44:11 | 000,013,824 | -H-- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2003/08/06 15:41:07 | 000,104,960 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2003/08/06 15:39:59 | 000,063,488 | -H-- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2003/08/06 15:39:05 | 000,051,712 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2003/08/06 15:35:20 | 000,056,832 | -H-- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..keyword.URL: "http://search.avg.com/?d=4d63328c&i=23&tp=ab&nt=1&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@palmsource.com/installer,version=1.0: C:\PROGRA~1\palmOne\PACKAG~1\NPInstal.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\mmartin\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\mmartin\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\mmartin\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\mmartin\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/22 10:57:12 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/22 10:57:00 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/22 10:57:44 | 000,000,000 | -H-D | M]

[2009/01/13 15:17:39 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\mmartin\Application Data\Mozilla\Extensions
[2011/12/17 21:46:36 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\mmartin\Application Data\Mozilla\Firefox\Profiles\p5a9s7yp.default\extensions
[2011/12/17 21:46:36 | 000,000,000 | -H-D | M] (FireShot) -- C:\Documents and Settings\mmartin\Application Data\Mozilla\Firefox\Profiles\p5a9s7yp.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011/07/29 15:18:44 | 000,000,000 | -H-D | M] (BitDefender QuickScan) -- C:\Documents and Settings\mmartin\Application Data\Mozilla\Firefox\Profiles\p5a9s7yp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/11/08 22:21:40 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/08 22:21:34 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/10/26 09:00:08 | 000,016,896 | -H-- | M] () -- C:\Program Files\mozilla firefox\components\tmfftb.dll
[2011/05/18 15:49:47 | 000,472,808 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/03 09:51:41 | 000,002,252 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/08 22:21:34 | 000,002,040 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/05/16 17:32:46 | 000,000,027 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Time Matters) - {00F17ECE-12DA-46A0-B541-BDE4EB7DF027} - C:\TMW9\tmietb.dll (LexisNexis, a division of Reed Elsevier Inc. )
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Time Matters) - {00F17ECE-12DA-46A0-B541-BDE4EB7DF027} - C:\TMW9\tmietb.dll (LexisNexis, a division of Reed Elsevier Inc. )
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [hFITnUFOxHN.exe] C:\Documents and Settings\All Users\Application Data\hFITnUFOxHN.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Spiceworks] C:\Program Files\Spiceworks\bin\spicetray_silent.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Evernote - C:\Program Files\Evernote\Evernote3\enbar.dll (Evernote Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll (Evernote Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} [You must be registered and logged in to see this link.] (NSHelp Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = blackwarriorriver.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55126A71-4597-46AB-8F9E-B840B3F4513F}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\linkscanner - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\mmartin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\mmartin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/08 11:48:13 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTRSupport - Reg Error: Value error.
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0F5C3557-9462-6B04-BD71-78589BDDBE66} - Outlook Express
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4d64f3ba-f112-4efe-a02e-96680859937c} - KB918899
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - KB918439
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {dd772a76-bef3-44d7-8b39-502c8504c1f1} - KB925486
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/12/21 21:04:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mmartin\Recent
[2011/12/21 19:39:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\mmartin\Application Data\Avira
[2011/12/01 14:28:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\mmartin\Start Menu\Programs\Spiceworks
[2011/12/01 14:27:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Spiceworks
[2011/11/23 10:57:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/11/22 10:57:17 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\xing shared



Rivers

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-05-13
Operating System : Windows XP

View user profile

Back to top Go down


Re: FakeSysDef

Post by Rivers on Tue 31 Jan 2012, 2:57 pm

No, I get an error message, "Windows Explorer has encountered a problem and needs to close."

Rivers

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-05-13
Operating System : Windows XP

View user profile

Back to top Go down

Re: FakeSysDef

Post by Rivers on Sat 11 Feb 2012, 3:54 am

Ok, once again it's been 12 days since I've heard from you. I'm running out of patience. Trying something that doesn't work every two weeks just isn't working for me. My computer's been dead almost two months. So, should I try that other site or just reformat and reload windows? Maybe try Windows 7? One last question before I go, if it's not too much to ask. If I reformat and restore my last backup, which was saved after my computer became infected, what files should I avoid restoring? Where does the virus hide it's ugly head?

Rivers

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-05-13
Operating System : Windows XP

View user profile

Back to top Go down

Re: FakeSysDef

Post by Belahzur on Sat 11 Feb 2012, 11:10 am

Yeah it might be worth formatting and using Windows 7.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: FakeSysDef

Post by Rivers on Sun 12 Feb 2012, 3:24 am

Ok, thanks for trying. I know a lot of people have better results. I think this virus was very ugly and persistent.

Rivers

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-05-13
Operating System : Windows XP

View user profile

Back to top Go down

Re: FakeSysDef

Post by Sponsored content Today at 2:49 am


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum